II. A Major Application to Computer Security  

From the PowerPoint file at http://www.scs.cs.nyu.edu/aos/notes/l19.pdf, we derive:

 

·        Most people are familiar with discretionary access control (DAC)

- Example: Unix user-group-other permission bits.

- Might set a file private so only group friends can read it

Add: From the GrC point of view, DAC is a binary granulation: to each user p, we associate a group of users who have permission to access the files owned by p.

·        Discretionary means anyone with access can propagate information by e-mail:

-         E-mail: sigint@enemy.gov < private

However, in a database environment, for example, the data can only be transported by read access, not by e-mail. In such cases, the propagation can be controlled by DAC. If we design the DAC appropriately, we can guarantee that the data will never flow to undesirable users.

Observe that DAC is a binary granulation, so it is a binary relation, called the conflict of interest relation (CIR). If CIR is anti-reflexive, symmetric and anti-transitive, then DAC will guarantee that the information owned by p will not flow into p's “enemy hands,” namely, those users who have a conflict of interest with p.
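The following sketch is an added example, not taken from the slides or from the cited papers. It checks the three CIR properties and then follows read access transitively to see whether p's data can reach a user in conflict with p. Assumptions: the user names and both relations are constructed, p's files are taken to be readable by every user not in conflict with p, and "anti-transitive" is read as "not in conflict" being transitive, since the page does not define the term.

```python
# Added illustration; user names and both relations are constructed.

def sym(pairs):
    """Close a set of pairs under symmetry."""
    return set(pairs) | {(b, a) for a, b in pairs}

def is_anti_reflexive(users, cir):
    return all((u, u) not in cir for u in users)

def is_symmetric(cir):
    return all((v, u) in cir for u, v in cir)

def is_anti_transitive(users, cir):
    # Assumed reading: if u conflicts with v, then every w conflicts with
    # u or with v, i.e. "not in conflict" is a transitive relation.
    return all((u, w) in cir or (w, v) in cir for u, v in cir for w in users)

def dac_readers(users, cir):
    # Assumed DAC granulation: p's files are readable by every user
    # who is not in conflict with p.
    return {p: {q for q in users if (p, q) not in cir} for p in users}

def reachable(readers, owner):
    # Users that owner's data can reach when each reader may copy what it
    # reads into its own files (transitive closure of read access).
    seen, stack = {owner}, [owner]
    while stack:
        for q in readers[stack.pop()] - seen:
            seen.add(q)
            stack.append(q)
    return seen

def leaks(users, cir):
    """Pairs (p, q) where p's data can reach a user q in conflict with p."""
    readers = dac_readers(users, cir)
    return {(p, q) for p in users for q in reachable(readers, p) if (p, q) in cir}

USERS = {"a1", "a2", "b1", "b2"}
# Two camps, every cross-camp pair in conflict: all three properties hold.
GOOD_CIR = sym({(a, b) for a in ("a1", "a2") for b in ("b1", "b2")})
# Only a1/b1 in conflict: symmetric and anti-reflexive, not anti-transitive.
BAD_CIR = sym({("a1", "b1")})

if __name__ == "__main__":
    for name, cir in (("GOOD_CIR", GOOD_CIR), ("BAD_CIR", BAD_CIR)):
        ok = (is_anti_reflexive(USERS, cir) and is_symmetric(cir)
              and is_anti_transitive(USERS, cir))
        print(name, "properties hold:", ok, "leaks:", sorted(leaks(USERS, cir)))
```

With BAD_CIR, a1's data reaches b1 through the neutral users a2 and b2, which is the indirect flow the anti-transitivity condition rules out.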

 

  1. Tsau Young Lin, “Chinese Wall Security Policy--An Aggressive Model,” Proceedings of the Fifth Aerospace Computer Security Application Conference, December 4-8, 1989, pp. 286-293.
  2. Tsau Young Lin, “Chinese Wall Security Policy Models: Information Flows and Confining Trojan Horses,” Proceedings of the 17th IFIP11.3 Working Conference on Database and Applications Security, August 4-6, 2003.
  3. David D. C. Brewer and Michael J. Nash, “The Chinese Wall Security Policy,” IEEE Symposium on Security and Privacy, Oakland, May, 1989, pp. 206-214.